• Journal of Digital Convergence
• /
• v.13 no.1
• /
• pp.313-319
• /
• 2015

As the number of applications using the internet the rapidly increasing incidence of cyber attacks made on the internet has been increasing. In the equipment of L3 DDoS attack detection equipment in the world and incomplete detection of application layer based intelligent. Next-generation networks domestic product in high-performance wired and wireless network threat response techniques to meet the diverse requirements of the security solution is to close one performance is insufficient compared to the situation in terms of functionality foreign products, malicious code detection and signature generation research primarily related to has progressed malware detection and analysis of the research center operating in Window OS. In this paper, we describe the current status survey and analysis of the latest variety of new attack techniques and analytical skills with the latest cyber-attack analysis prejudice the security situation.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.3
• /
• pp.984-990
• /
• 2010

Zigbee sensor network technology to build a ubiquitous environment has an important role. However, Zigbee technology, sensing environmental information within the local area to deliver the information because it was designed for the purpose of simple tasks, Attack by a variety of technologies that could potentially compromise the network is very high. To solve this problems, many defense mechanisms are presented in a lot of papers. But, to attack the existing Zigbee various response measures for the implementation of the functionality of the sensor nodes very heavy and high expensive problem. To resolve this problems, with superior computing power Zigbee network coordinator to install, based coordinator to intrusion detection systems is proposed. Coordinator-based IDS(Intrusion Detection System) of the Zigbee network is detected attack, and present a new approach to resolve, possible applications in various fields, so in real life Zigbee technology is expected to contribute to graft.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.589-598
• /
• 2019

The amount of digital data a is explosively growing, and these data have large potential values. Countries and companies are creating various added values from vast amounts of data, and are making a lot of investments in data analysis techniques. The privacy problem that occurs in data analysis is a major factor that hinders data utilization. Recently, as privacy violation attacks on neural network models have been proposed. researches on artificial neural network technology that preserves privacy is required. Therefore, various privacy preserving artificial neural network technologies have been studied in the field of differential privacy that ensures strict privacy. However, there are problems that the balance between the accuracy of the neural network model and the privacy budget is not appropriate. In this paper, we study differential privacy techniques that preserve the performance of a model within a given privacy budget and is resistant to model inversion attacks. Also, we analyze the resistance of model inversion attack according to privacy preservation strength.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2001.05a
• /
• pp.261-267
• /
• 2001

In this paper, we have illustrated implementations and there results of network attacks and detections. We consider two attacks, smurf attach and network mapping attack, which are one of the typical intrusions using the ICMP The NFR/sup TM/ is used to capture all of our interesting packets within the network traffic. We implement the smurf and network mapping attacks with the UNIX raw socket, and build the NFR's backend for it's detection. The N-Code programming is used to build the backend. The implementing results show the possibility of preventing illegal intruding to network systems.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.44 no.1
• /
• pp.113-121
• /
• 2007

Commonly, in the Sensor Network that composed with multiple nodes uses Ad-hoc protocol to communicate each other. Each sensed data packets are collected by base node and processed by Host PC. But the Ad-hoc protocol is too vulnerable to Sinkhole attack, where the intruder attracts surrounding nodes with unfaithful routing information, and then performs selective forwarding or changes the data passing through it. The Sinkhole attack increases overhead over the network and boosts energy consumption speed to decrease network's life time. Since the other attacks can be easily adopted through sinkhole attack, the countermeasure must be considered carefully. In this paper, we proposed the Hop-depth algorithm that detects intruder in Sinkhole attack and colluded nodes. First, the proposed algorithm makes list of suspected nodes and identifies the real intruder in the suspected node list through the Hop-depth count value. And recalculates colluder's path information to find the real intruder. We evaluated the performance of the proposed algorithm using NS2. We compared and analyzed the success ratio of finding real intruder, false positive ratio, false negative ratio, and energy consumption.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.3 no.3
• /
• pp.31-38
• /
• 2010

It has become more difficult to correspond an cyber attack quickly as patterns of attack become various and complex. However, current security mechanisms just have passive defense functionalities. In this paper, we propose new network security architecture to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed architecture makes it possible to deal effectively with cyber attacks such as IP spoofing or DDoS(Distributed Denial of Service), by using active packet technology including a mobile code on active network. Also, it is designed to have more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.

• Journal of Korea Multimedia Society
• /
• v.7 no.8
• /
• pp.1120-1130
• /
• 2004

Distributed Denial-of-Service(DDoS) attack prevent users from accessing services on the target network by spoofing its origin source address with a large volume of traffic. The objective of IP Traceback is to determine the real attack sources, as well as the full path taken by the attack packets. Existing IP Traceback methods can be categorized as proactive or reactive tracing. Existing proactive tracing scheme(such as packet marking and messaging) prepares information for tracing when packets are in transit. But, these scheme require additional network overhead. In this paper, we propose a "advanced Traceback" mechanism, which is based on the modified Pushback system with secure router mechanism. Proposed mechanism can detect and control DDoS traffic on router and can generate marked packet for reconstructing origin DDoS attack source, by which we can diminish network overload and enhance Traceback performance.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.5 no.6
• /
• pp.625-630
• /
• 2010

With regard to the examples of establishing various sorts of information security, it can be seen that there are gradual, developmental procedures including Firewall and VPN (Virtual Private Network), IDS (Intrusion Detection System), or ESM(Enterprise Security Management). Each of the security solutions and equipments analyzes both defense and attack for information security with the criteria of classifying the problems of security policies by TCP/IP layers or resulted from attack patterns, attack types, or invasion through specialized security technology. The direction of this study is to examine latency time vulnerable to invasion which occurs when L2-stratum or lower grade equipments or policies are applied to the existing network through TCP/IP layer's L3-stratum or higher grade security policies or equipments and analyze security holes which may generate due to the IP preoccupation in the process of establishing policies to limit particular IP area regarding the policies for security equipments to figure out technological problems lying in it.

• Journal of Advanced Navigation Technology
• /
• v.18 no.4
• /
• pp.353-358
• /
• 2014

In the past, security on control system was guaranteed by isolation of control system networks from external networks. However as devices of the control systems became more various and interaction between the devices became necessary, effective management system for such network emerged and this triggered connection between control system networks and external system networks. This made management of control system easier but also made control system exposed to various cyber attack threats, Therefore researches on appending security measures on each protocols are in progress. This paper focused on DNP(distributed network protocol)3 protocol which is used for communication between control center and substations. It describes characteristics of DNP3 protocol and research on adding security elements to the protocol. It also analyzed known vulnerabilities of DNP3 protocol and proposed data mining methodology for detecting such vulnerabilities.

• Journal of Internet Computing and Services
• /
• v.9 no.2
• /
• pp.69-81
• /
• 2008

It has become more difficult to correspond a cyber attack quickly as patterns of attack become various and complex. However, current security mechanism just have passive defense functionalities. In this paper, we propose new network security mechanism to respond various cyber attacks rapidly and to chase and isolate the attackers through cooperation between security zones. The proposed mechanism makes it possible to deal effectively with cyber attacks such as IP spoofing, by using active packet technology including a mobile code on active network. Also, it is designed to hove more active correspondent than that of existing mechanisms. We implemented these mechanisms in Linux routers and experimented on a testbed to verify realization possibility of attacker response framework using mobile code. The experimentation results are analyzed.